Lesser Known, but Still Dangerous, Attacks
- Published: Tuesday, May 19, 2020
Denial of Service, phishing and ransomware are well known and documented forms of cyber attacks. They can render a network or device unusable, steal sensitive information, disrupt business and damage reputations. Here are a few other attack vectors that are less talked about in the news but are still actively targeting your systems.
- Evil Maid: An attack on an unattended device. The hacker will alter the device so that they can access it later to retrieve data or perform other malicious activities.
- Cold Boot Attack: A physical attack in which the attacker performs a memory dump on the RAM by performing a hard reset. Then the hacker will boot from a removable disk in order to dump the physical memory to a file. The crook can then analyze the data and perform various forms of cryptography to unlock the keys. This method is typically used in digital forensics.
- Cross-Site Scripting (XSS): Inserts malicious code into HTML that will run code on the user’s computer. This could redirect the user to a malicious site for the purpose of stealing credentials or personal information.
- SQL injection (SQLI): Uses malicious SQL to manipulate the database in order to access information not intended to be viewed. Websites are mostly targeted.
- Drive-by Attack: A cyber attacker will plant a malicious script into one of the pages of a vulnerable website. The victim will visit the infected website and malware will be delivered to the system.
- Man-in-the-Middle (MITM): When a third- arty intercepts the communication between two parties. The third party then monitors the activity and gains access to information shared through the connection.
- Insider Attacks: Initiated by a trusted worker of an organization, for example an employee or contracted user. Many insider attacks are unintentional and usually caused by lack of security or policy measures. However, disgruntled employees may also deliberately attack for personal gain or disruption of the organization.
- Brute Force and Dictionary Attacks: These attacks will systematically attempt to log into the user’s account by checking and trying all possible passwords. Brute force attacks will use dictionary software that will combine variations of dictionary words. This attack can generate thousands of attempts per minute.
- Artificial Intelligence (AI) Attacks: Through the use of machine learning software, a computer can be trained to perform tasks on its own. This AI is used in autonomous systems such as vehicles and drones. Malicious hackers can use this technology to weaponize their attacks.
As with all threats, make sure you are keeping your network, hardware and software all up to date and patched. Ensure that policies are in place, reviewed and followed for accountability of employees. Develop an ongoing security awareness program for employees to alert them of risks and threats. Create a disaster recovery and incident response plan so that if you suffer an attack you will be able to quickly and efficiently recover and resume business.
Writer: Kathy Bellew